<?php
session_start();
include("db_connect.php");

$id= mysql_real_escape_string(htmlentities(trim($_GET['id']))); 
$type =mysql_real_escape_string(htmlentities(trim($_GET['type'])));

if($type == "edit" ){
$title = mysql_real_escape_string(htmlentities(trim($_GET['title'])));
$content = mysql_real_escape_string(htmlentities(trim($_GET['content'])));
edit($id,$title,$content);
}
else{
delete($id);
}



function edit($id,$title,$content){
	$sql= "UPDATE tbl_banner_img SET title = '".$title."', content = '".$content."', userid = '".$_SESSION['id']."' WHERE imgID = '".$id."' ";
	mysql_query($sql) or die(mysql_error());
	if (mysql_affected_rows()){		
		echo "1";
	}
	else{		
		echo $sql;
	}
}

function delete($id){

$data = array();
$data = explode(",", $id);

for($i = 0; $i<sizeof($data); $i++){
	$query = "Delete FROM tbl_banner_img where imgID='".$data[$i]."'"; 
	$result = mysql_query($query);
}
if (mysql_affected_rows())
	echo "1";

else
	echo "failed connection!";

}


?>

